Change syslog.conf comments relating to network logging to focus on client

setup which is configured in the file itself, rather than talking partly about
client (set in the file), command-line flags used for servers which are
better suited to the syslogd(8) manual, and ISDN.

In the commented-out examples, use tls rather than the plaintext protocol.
If users don't need tls they can change it, but it's a sane default, and
a good place to show that we have the feature.

ok bluhm@

1 files changed, 6 insertions, 8 deletions

diff --git a/etc/syslog.conf b/etc/syslog.conf
index 9eb309c7164..c6f41244d26 100644
--- a/etc/syslog.conf
+++ b/etc/syslog.conf
@@ -1,4 +1,4 @@
-#	$OpenBSD: syslog.conf,v 1.20 2016/12/27 13:38:14 jca Exp $
+#	$OpenBSD: syslog.conf,v 1.21 2021/10/13 20:34:03 sthen Exp $
 #
 
 *.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	/var/log/messages
@@ -22,13 +22,11 @@ mail.info						/var/log/maillog
 # Everyone gets emergency messages.
 #*.emerg							*
 
-# Uncomment to log to a central host named "loghost".  You need to run
-# syslogd with the -u option on the remote host if you are using this.
-# (This is also required to log info from things like routers and
-# ISDN-equipment).  If you run -u, you are vulnerable to syslog bombing,
-# and should consider blocking external syslog packets.
-#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	@loghost
-#auth,daemon,syslog,user.info;authpriv,kern.debug		@loghost
+# Uncomment to log to a central host named "loghost" using syslog-tls.
+# You need to run syslogd with the -S option on the remote host if you
+# are using this.
+#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none	@tls://loghost
+#auth,daemon,syslog,user.info;authpriv,kern.debug		@tls://loghost
 
 # Uncomment to log messages from doas(1) to its own log file.  Matches are done
 # based on the program name.